diff options
author | Jörg Thalheim <joerg@thalheim.io> | 2021-06-05 16:45:10 +0200 |
---|---|---|
committer | Jörg Thalheim <joerg@thalheim.io> | 2021-06-05 16:47:44 +0200 |
commit | 43908f4c1d8489ca284c47fb835ec3fa348016b0 (patch) | |
tree | d8658a47d6db557cdbacb44928cba1eba02532a9 | |
parent | bdb89449afc2284802cd58ec783eb7d60def2351 (diff) | |
download | nixpkgs-43908f4c1d8489ca284c47fb835ec3fa348016b0.tar nixpkgs-43908f4c1d8489ca284c47fb835ec3fa348016b0.tar.gz nixpkgs-43908f4c1d8489ca284c47fb835ec3fa348016b0.tar.bz2 nixpkgs-43908f4c1d8489ca284c47fb835ec3fa348016b0.tar.lz nixpkgs-43908f4c1d8489ca284c47fb835ec3fa348016b0.tar.xz nixpkgs-43908f4c1d8489ca284c47fb835ec3fa348016b0.tar.zst nixpkgs-43908f4c1d8489ca284c47fb835ec3fa348016b0.zip |
buildFhsUserenv: don't leak mounts to other processes
If run as root we were leaking mounts to the parent namespace, which lead to an error when removing the temporary mountroot. To fix this we remount the whole tree as private as soon as we created the new mountenamespace.
-rw-r--r-- | pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c b/pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c index a438b80e182..27e70e3fe5c 100644 --- a/pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c +++ b/pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c @@ -43,7 +43,6 @@ const gchar *create_tmpdir() { void pivot_host(const gchar *guest) { g_autofree gchar *point = g_build_filename(guest, "host", NULL); fail_if(g_mkdir(point, 0755)); - fail_if(mount(0, "/", 0, MS_PRIVATE | MS_REC, 0)); fail_if(pivot_root(guest, point)); } @@ -122,6 +121,9 @@ int main(gint argc, gchar **argv) { fail("unshare", unshare_errno); } + // hide all mounts we do from the parent + fail_if(mount(0, "/", 0, MS_PRIVATE | MS_REC, 0)); + if (uid != 0) { spit("/proc/self/setgroups", "deny"); spit("/proc/self/uid_map", "%d %d 1", uid, uid); |